<!--#include file="lib/utf-8.asp"-->
<!--#include file="lib/conn.asp"-->
<!--#include file="lib/saferequest.asp"-->
<!--#include file="lib/error_write.asp"-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" href="lib/sheet.css" type="text/css">
<title>无标题文档</title>
</head>
<%
If (Request.QueryString("id") <> "") Then
  id = Request.QueryString("id")
End If

if request.form("mm_edit")<>"" then
	user=trim(SafeRequest("user",0))
	name=trim(SafeRequest("name",0))
	flag=trim(SafeRequest("flag",1))
	post=trim(SafeRequest("post",1))
	password1=trim(SafeRequest("password1",0))
	password2=trim(SafeRequest("password2",0))
	if user="" then error_write "1","没有填写[用户名]"
	if name="" then error_write "2","没有填写[姓名]"
	if password1<>password2 Then error_write "3","密码不匹配"
	set cmd=Server.CreateObject("ADODB.Command")
	cmd.ActiveConnection = conn
	sql="update yh set [user]='"&user&"',[pass]='"&password1&"',flag="&flag&",post="&post&",[name]='"&name&"' where id="&id
	'response.Write(sql)
	cmd.CommandText = sql
	cmd.Execute
	view_url="manage_user.asp"
	response.Redirect(view_url)
end if



id=request.QueryString("id")
	Set rs = Server.CreateObject("ADODB.Recordset")
	rs.ActiveConnection = conn
	rs.CursorType = 1
	rs.CursorLocation = 2
	rs.LockType = 3
	rs.Source = "SELECT * FROM yh WHERE id = " + Replace(id, "'", "''") + ""
	rs.Open()

%>

<body>

<form name="form1" method="post" action="edit_user.asp?id=<%=id%>">
<table cellspacing="1" cellpadding="2" border="0" bgcolor="black" width="100%">
    <tr bgcolor="silver">
      <th scope="col">ID</th>
      <th scope="col">用户名</th>
      <th scope="col">密码</th>
      <th scope="col">确认密码</th>
      <th scope="col">权限</th>
      <th scope="col">姓名</th>
      <th scope="col">岗位</th>
    </tr>
    <tr bgcolor="#efefef" align="center">
      <td><%=rs("id")%></td>
      <td><input name="user" type="text" id="user" size="10" value="<%=rs("user")%>"></td>
      <td><input name="password1" type="password" id="password1" size="15" value="<%=rs("pass")%>"></td>
      <td><input name="password2" type="password" id="password2" size="15" value="<%=rs("pass")%>"></td>
      <td>
				<select name="flag">
						<option value="1" <%if rs("flag")="1" then response.write("selected")%>>查询</option>
						<option value="3" <%if rs("flag")="3" then response.write("selected")%>>查询、添加</option>
						<option value="4" <%if rs("flag")="4" then response.write("selected")%>>查询、添加、编辑</option>
						<option value="5" <%if rs("flag")="5" then response.write("selected")%>>查询、添加、编辑、删除</option>
						<option value="15" <%if rs("flag")="15" then response.write("selected")%>>管理员</option>
				</select></td>
      <td><input name="name" type="text" id="name" size="8" value="<%=rs("name")%>"></td>
      <td>
				<select name="post">
						<option value="1" <%if rs("post")="1" then response.write("selected")%>>船务</option>
						<option value="2" <%if rs("post")="2" then response.write("selected")%>>车队</option>
						<option value="0" <%if rs("post")="0" then response.write("selected")%>>全部</option>
				</select>
			</td>
    </tr>
    <tr bgcolor="silver">
      <td colspan="10"><div align="center">
        <input type="submit" name="Submit" value="提交">
        &nbsp;&nbsp;&nbsp;&nbsp;<input type="reset" name="Reset" value="重置">
        <input type="hidden" name="mm_edit" value="true">
      </div></td>
    </tr>
  </table>
</form>
<p><a href="javascript:history.go(-1)">&lt;&lt;返回上一页</a></p>
</body>
</html>
<%
rs.Close()
Set rs = Nothing
%>
